Senior IT Security Engineer

Sunnyvale, California, United States

23andMe is looking for an experienced IT Security Engineer to join our Enterprise Security Systems team. You will bring critical thinking skills, hands-on experience with Enterprise Security design and the ability to work with and influence cross-functional teams (Engineering, IT, NetOps and Architecture). 

You’ll be leveraging your experience and expertise with enterprise security tools and industry best practices to secure our customer data and corporate assets.

Who we are

Since 2006, 23andMe’s mission has been to help people access, understand, and benefit from the human genome.  We are a group of passionate individuals pushing the boundaries of what’s possible to help turn genetic insight into better health and personal understanding.

We are focused on proactive security and are looking for hands-on security engineers who are passionate about building and defending our company’s assets.

What you'll do 

  • Implement, monitor and support corporate IT and infrastructure security solutions, including:
    • Intrusion Detection and Prevention configuration and monitoring
    • Support the Identity and Access Management including enhancing Privileged Identity Management and Session Management (AD, Okta, AWS-IAM, Pulse-Secure, etc.)
    • Monitor, prioritize and react to signals coming out of our security tools (CrowdStrike, OpenDNS, Qualys, PAN-IDS/IPS, SumoLogic, PagerDuty, etc….)
    • Configure, manage and optimize logging, monitoring, correlation and alerting tools, and the orchestration through a security information and event management (SIEM) solution
    • Data Loss Prevention (DLP) solution focusing on PII and Intellectual Property related data.
    • Detect and respond: Deploy Threat Intelligence products and develop threat reports
  • Collaborate with our IT and NetOps teams on the implementation and deployment of enterprise-scale security controls technologies (e.g., firewall, HIDS/NIDS, remote forensics, user behavior analytics, cryptography and protocols that use it, MFA, etc.)
  • Assist with the design, development, delivery, documentation, training, and reporting on security control mechanisms (e.g. firewall, NIPS/NIDS, endpoint-protection/AV/EDR, etc.)
  • Evaluate security technologies; work closely with vendors to ensure timely delivery of products, services, and feature requests.
  • Risk and evidence-based approach: Identify, assess, and prioritize IT risks to corporate data and systems, including external threats, internal threats, and exposure to third-party vulnerabilities.

What you’ll bring

  • A minimum of 5 years of experience with managing large scale enterprise security infrastructure including security solution design and hands-on engineering
  • B.S./M.S. in computer science, engineering, information systems, IT,  Information Security, or a related technical field
  • Experience managing IDS, IPS, vulnerability management, AV, and SIEM tools 
  • Solid understanding of log and monitoring management systems, security event monitoring systems, network-based and host-based intrusion detection systems, firewall technologies, malware detection and enterprise-level antivirus solutions/systems, and encryptions standards
  • Experience with managing and ensuring the timely response and investigation of security events and incidents
  • Experience with compliance frameworks, standards and assessments such as: ISO 27001, HITRUST, SOC2, PCI, HIPAA, NIST, etc.

About us

At 23andMe, we value a diverse, inclusive workforce and we provide equal employment opportunity for all applicants and employees. All qualified applicants for employment will be considered without regard to an individual’s race, color, sex, gender identity, gender expression, religion, age, national origin or ancestry, citizenship, physical or mental disability, medical condition, family care status, marital status, domestic partner status, sexual orientation, genetic information, military or veteran status, or any other basis protected by federal, state or local laws.  If you are unable to submit your application because of incompatible assistive technology or a disability, please contact us at 23andMe will reasonably accommodate qualified individuals with disabilities to the extent required by applicable law.

Please note: 23andMe does not accept agency resumes and we are not responsible for any fees related to unsolicited resumes. Thank you.